Striking the Balance—Privacy versus Security and the New White House Report
By Andrew Serwin, CIPP/US, CIPP/E, CIPP/G
The Snowden revelations have had a significant impact on trust in the government, international relations and how we view privacy. On December 18, a Presidential Commission released a report that was created to review the government surveillance program in the aftermath of the Snowden disclosures. The report, Liberty and Security in a Changing World, clearly identified the goals it sought to achieve:
our recommendations are designed to protect our national security and advance our foreign policy while also respecting our longstanding commitment to privacy and civil liberties, recognizing our need to maintain the public trust (including the trust of our friends and allies abroad), and reducing the risk of unauthorized disclosures.
The report contains 46 recommendations regarding changes to the government surveillance program, a list of which would be beyond the scope of this article, but there are several key recommendations that are important to consider. In broad terms, the report: recommends principles; examines the history of these issues; explores what reforms should be considered for foreign intelligence surveillance that is directed to U.S. persons; considers what reforms should be considered for foreign intelligence surveillance that is directed to non-U.S. persons; examines what intelligence should be gathered and how it should be collected (including how we cooperate with our allies); structural reforms; how to promote prosperity, security and openness in light of the technological issues we face in a “networked” world, and how to protect what intelligence we collect.
This report obviously was commissioned after the Snowden revelations and the resulting reactions both in the U.S. and abroad, but the commission was clear that while this was the impetus, the focus of the report was broader and it addresses the creation of sturdy foundations for the future to safeguard liberty and security in a rapidly changing world. In order to fully address these issues, the report identified several goals, some of which, it noted, were competing:
- protecting the nation against threats to our national security;
- promoting other national security and foreign policy interests;
- protecting the right to privacy;
- protecting democracy, civil liberties and the rule of law;
- promoting prosperity, security and openness in a networked world, and
- protecting strategic alliances.
Research from the Lares Institute supports the report’s identification of these as key issues, as well as the competitive nature of the goals, which is also reflected in the views people have regarding Snowden. This research also supports the balance the report seeks to achieve—which is protecting privacy and increasing transparency while simultaneously continuing to protect national security.
In an Internet survey of over 470 U.S. residents, respondents were asked which of the following statements they agreed with about Snowden. (The margin of error for this study was five percent at a 95-percent confidence level.) The responses were as follows:
It is also important to note individuals’ views regarding the surveillance program when assessing the report and its recommendations, and the sometimes competing nature of these goals. When they were asked about government surveillance, and whether they agree with the following statements, respondents stated as follows:
What is clear from this data is that privacy is important; congressional oversight is seen as lacking, but overall, protecting national security is seen as an important issue for many Americans.
To further illustrate the issues the government must solve, it is helpful to examine the trust impact of the Snowden revelations. Prior to the Snowden revelations, the Lares Institute conducted a survey (same margin of error and confidence level as that above) that asked who individuals trusted more with their privacy—the public or private sector. This data is reflected in the red columns below, and this question was resurveyed post-Snowden, which is reflected in the orange column on the chart. This illustrates the trust gap that the government must address, and it is helpful to have this context when assessing the report’s recommendations.
There has been a significant loss of trust in the government, and while people are generally accepting of surveillance, they would like a deeper understanding of the privacy protections that are in place, and likely would want to see more effective Congressional oversight.
This backdrop is helpful in examining the key recommendations of the report, which include:
- Limiting surveillance on foreign leaders to situations where the president or his advisors approve it;
- Splitting control of the NSA from the military (a suggestion that has already been rejected);
- Having the metadata stored by the private sector rather than the NSA;
- Increasing the application of the Privacy Act to foreign nationals in certain circumstances;
- Limiting the use of National Security Letters by the FBI, and
- Requiring specific FISA Court approval of queries rather than the current system of operating under a blanket order.
There are a number of other recommendations but these are among the most important, and these should be assessed against the research referenced above. Whether these changes will occur, including the requirement that the metadata be retained by the private sector, changes that would make our system more akin to the European requirements of data retention, remain to be seen, but in any case the report offers a starting point for continued, informed debate in this country.
The Lares Institute will release a more detailed white paper on its research.
Andrew B. Serwin, CIPP/US, CIPP/E, CIPP/G, is a partner in the Global Privacy and Data Security Practice Group at Morrison & Foerster LLP’s San Diego and Washington, D.C. offices. Serwin has handled a number of high-profile privacy and consumer protection matters, including multiple privacy enforcement matters before the Federal Trade Commission, and is internationally recognized as one of the leading consumer protection and privacy lawyers. He has written a number of books, including the leading treatise on privacy, Information Security and Privacy: A Guide to Federal and State Law and Compliance and Information Security and Privacy: A Guide to International Law and Compliance, (West 2005-2013). Serwin is recognized by Chambers USA as one of the top privacy and data security attorneys nationwide (2009–2013) and serves as executive director of the Lares Institute.